-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactoring the code and adding TDEMasterKeyInfo to TDE file headers. #141
Conversation
src/access/pg_tde_tdemap.c
Outdated
/* Set the file paths */ | ||
pg_tde_set_db_file_paths(); | ||
|
||
/* Open and vaidate file for basic correctness. */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/* Open and vaidate file for basic correctness. */ |
src/access/pg_tde_tdemap.c
Outdated
{ | ||
/* Return if the values are already set */ | ||
if (*db_path && *db_map_path && *db_keydata_path) | ||
return; | ||
|
||
/* Fill in the values */ | ||
snprintf(db_path, MAXPGPATH, "%s", GetDatabasePath(rlocator->dbOid, rlocator->spcOid)); | ||
snprintf(db_path, MAXPGPATH, "%s", GetDatabasePath(MyDatabaseId, DEFAULTTABLESPACE_OID)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
MyDatabaseId
won't work for replication as XLog replay has value. We would need to use pg_tde_write_map_entry()
and pg_tde_delete_tde_files()
there and those functions call pg_tde_set_db_file_paths()
. So we have to have an option to pass a databaseId
here. I'm not sure about table space though.
src/access/pg_tde_tdemap.c
Outdated
|
||
static int32 pg_tde_write_map_entry(const RelFileLocator *rlocator, char *db_map_path, const char *master_key_name); | ||
static int32 pg_tde_write_map_entry(const RelFileLocator *rlocator, char *db_map_path, TDEMasterKey *master_key); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I feel like TDEMasterKeyInfo
is more appropriate here and in the rest of the functions in this file as we dealing with the key info only. It would be more clear for the code readers.
src/access/pg_tde_tdemap.c
Outdated
PathNameDeleteTemporaryFile(db_map_path, true); | ||
PathNameDeleteTemporaryFile(db_keydata_path, true); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Won't durable_unlink()
be better here? "TemporaryFile" a bit looks confusing in this context plus durable_unlink()
ensures the remove effect is persist before returning
This also eliminates the master key info file in favour of saving the same information in the TDE map and key data files.
This is the first step towards master key rotation as we are eliminating the need for making changes in multiple files and thereby, making the master key rotation an atomic operation.